My open letter to reps regarding Rule 41

Today, the EFF spear-headed a great campaign to protest the recent changes to Rule 41. I've covered that previously.  Below is my open letter to my representatives on why they should reject the recent changes to Rule 41. It's important to support the advocacy groups that work to support everyone's digital rights and civil liberties.

Hello,

I am writing to show my support of the Stopping Mass Hacking Act to order to reject recent changes to Rule 41 of the Federal Rules of Criminal Procedure.

My support of rejecting the changes to Rule 41 is two-fold:

1) Concerning the language of that allows a warrant to be issued against those using privacy tools, such as a VPN. This language assumes any user of privacy tools is automatically guilty of some future crime and effectively removes burden of proof from law enforcement and intelligence agencies. Burden of proof is a foundation of a justice system that prevent conviction and sentencing of those innocent of a crime.

We have existing policies in place that allow for due process in issuing warrants and gathering evidence within a judge's jurisdiction. I agree that policy must change with technology in order to be relevant -- hopefully to secure civil liberties -- but this is a clear case of over reach.

2) Concerning the language of the changes to Rule 41 that allow for unwarranted searches to systems that have been infected by a botnet: a person without a search warrant against them has a reasonable expectation of privacy for their computer/device and its contents. Certainly language in discussions of the fourth amendment concern personal effects such as opaque containers. Many people use opaque containers as some guarantee of privacy; similarly, most people apply these same privacy principles to their electronic property by utilizing passwords and storing their devices in secure places.

Allowing an unwarranted search of an innocent person's computer system that has been infected by botnet is illegal and no different than seizing and searching that person's property simply because a criminal leaves near them.

Based on these facts, I urge you to reject the changes to Rule 41 and pass the Stopping Mass Hacking Act.

Explainer: Rule 41 and its dangers

The EFF brings news of an innocuous-sounding — yet Orwellian — Rule 41. The proposal has two main segments; from the article:

The first part of this change would grant authority to practically any judge to issue a search warrant to remotely access, seize, or copy data relevant to a crime when a computer was using privacy-protective tools to safeguard one's location.

The second part...would grant authorization to a judge to issue a search warrant for...infiltrating computers that may be part of a botnet. This means victims of malware could find themselves doubly infiltrated: their computers infected with malware and used to contribute to a botnet, and then government agents given free rein to remotely access their computers as part of the investigation.

This means that any judge in the US — perhaps one with a history of granting warrants without much consideration of evidence — can issue a search warrant for any computer in the world, regardless of jurisdiction. Combine that with the language of the second segment, and this is effectively a rubber-stamp to intrude every connected device on the planet with a single warrant.

Congress has until December 1 of this year to block these changes to Rule 41. See EFF’s write up for an in-depth on the the legal ramifications.